MSU IT would like to make all MSUnet users aware of another ransomware attack currently underway. So far, systems in Spain, France, Ukraine, and Russia have been taken hostage and threat intelligence agencies report that it is expected to go world-wide rather quickly. The ransomware, named Petya, purportedly utilizes the Eternal Blue tools leaked from the US National Security Agency by a hacking group known as The Shadow Brokers.

The ransomware delivered in this attack presents a message like the one shown below to infected users.If you are presented with a message like the example shown above, turn off your computer immediately and call Information Technology at 4278.

To help IT help you protect your digital resources please remember your training and watch for the following red flags when dealing with unexpected or unknown email:

Were you expecting the email? If not take a much more critical view of opening the message and reach out to the purported sender to validate the message before clicking links or opening attachments.

Inspect all aspects of the email. Mouse over the links without clicking them and if the link looks odd reach out to the purported sender to validate the message before clicking links or opening attachments.

As faculty and staff of Midwestern State University, it is up to all of us to help prevent successful cyber-attacks by maintaining vigilance in our online activity.

WannaCry Ransomware attack - Friday, May 12, 2017

MSU IT would like to make all MSUnet users aware of a worldwide ransomware attack currently underway. So far over 45 thousand attacks have been reported by the SANS Internet Storm Center and infections have been seen in 74 different countries. The attacks purportedly utilize tools leaked from the US National Security Agency by a hacking group known as The Shadow Brokers.

The ransomware delivered in this attack presents a message like the one shown below to infected users.If you are presented with a message like the example shown above, turn off your computer immediately and call Information Technology at 4278.

To help IT help you protect your digital resources please remember your training and watch for the following red flags when dealing with unexpected or unknown email:

Were you expecting the email? If not take a much more critical view of opening the message and reach out to the purported sender to validate the message before clicking links or opening attachments.

Inspect all aspects of the email. Mouse over the links without clicking them and if the link looks odd reach out to the purported sender to validate the message before clicking links or opening attachments.

Spora Ransomware - Thursday, May 4, 2017

The unfortunate user who is attacked by this ransomware is presented with a ransom screen that is similar to the examples shown below and once a user is presented with one of these messages the damage has already been done. All the data on your computer at this point are most likely irretrievable.

This ransomware goes by the name Spora and is a professionally coded product that seems to have been developed by an especially well prepared team of Russian cyber criminals. Spora can sit idle on your system and can detonate the malicious payload even when you are not connected to the Internet.

Spora is delivered in a variety of ways but predominantly by phishing emails that lure a recipient into clicking a dangerous link or opening a malicious attachment.

To help IT help you protect your digital resources please remember your training and watch for the following red flags when dealing with unexpected or unknown email:

Were you expecting the email? If not take a much more critical view of opening the message and reach out to the purported sender to validate the message before clicking links or opening attachments.

Inspect all aspects of the email. Mouse over the links without clicking them and if the link looks odd reach out to the purported sender to validate the message before clicking links or opening attachments.

Google Docs phishing incident - Wednesday, May 3, 2017

Accounts from public email services such as Yahoo, Google, and Outlook.com that have been compromised are being used to send emails similar to the example shown below: If you receive such an email, please forward it to phishingreports@mwsu.edu and then delete it immediately. The “Open in Docs” link leads to a malicious site hosted in the public Google hosting environment. Google has been made aware of this scheme and is working to shut it down.

Supported Hardware and Software

At this time, MSU Information Technology does not work on any hardware not owned by Midwestern State University.

Supported Hardware

Dell Optiplex 390

Dell Latitude Exx10

E6510, E6410, etc.

Mac products

Must support Yosemite or newer

Supported SoftwareA list of our currently supported software is available upon request.

Students may access Microsoft Office 365 for free through the Microsoft website at the Office 365 for Students site.

About Information Security

Information Security works closely with Information Technology and other administrative areas to ensure the safety of data and resources, including Personally Identifiable Information. MSU Information Security provides the following services: